The request was made via a document signing service which is apparently legitimate. The email came from the signing service's domain.
I got in touch with their customer service, and they refused to claim any responsibility: "We do not take responsibility for the actions or communications of companies that choose to use our service. If the email you received originated from an external organization, any concerns about its content or legitimacy should be addressed directly with that organization, as the document's sender and owner."
Obviously I am not going to correspond with a scammer for any reason.
Is this legal?? Do I just need to accept that this is the world we live in?
bell-cot•1h ago
Otherwise, this sounds similar to scam emails that I regularly receive. (No conferences involved.) So I'd bet the situation is "legal", at least in the sense that nobody with real power cares to shut it down.
Idea: If some of the targets were from large institutions, and some of their credit cards were company-/govt-/university-issued, then suggest that they tell their email admins to globally block everything from Doc-U-Scam.con, to protect their institutions from fraud. If enough email systems bounced everything from those folks, then it'd seriously damage their business model.